Updating tests. Adding policy to cache account entity

sgonzalezMSFT · sgonzalezMSFT · commit 46c0121e8dbf · 2019-04-30T13:38:12.000-07:00
diff --git a/src/integrationtest/java/com.microsoft.aad.msal4j/AuthorizationCodeIT.java b/src/integrationtest/java/com.microsoft.aad.msal4j/AuthorizationCodeIT.java
@@ -86,7 +86,7 @@ public void acquireTokenWithAuthorizationCode_ManagedUser(){
                 false);
         labUserProvider.getUserPassword(labResponse.getUser());
 
-        assertAcquireTokenCommon(labResponse, AuthorityType.AAD);
+        assertAcquireTokenAAD(labResponse);
     }
 
     @Test
@@ -97,7 +97,7 @@ public void acquireTokenWithAuthorizationCode_ADFSv2019_Federated(){
                 true);
         labUserProvider.getUserPassword(labResponse.getUser());
 
-        assertAcquireTokenCommon(labResponse, AuthorityType.AAD);
+        assertAcquireTokenAAD(labResponse);
     }
 
     @Test
@@ -108,7 +108,7 @@ public void acquireTokenWithAuthorizationCode_ADFSv2019_NotFederated(){
                 true);
         labUserProvider.getUserPassword(labResponse.getUser());
 
-        assertAcquireTokenCommon(labResponse, AuthorityType.AAD);
+        assertAcquireTokenAAD(labResponse);
     }
 
     @Test
@@ -119,7 +119,7 @@ public void acquireTokenWithAuthorizationCode_ADFSv4_Federated(){
                 false);
         labUserProvider.getUserPassword(labResponse.getUser());
 
-        assertAcquireTokenCommon(labResponse, AuthorityType.AAD);
+        assertAcquireTokenAAD(labResponse);
     }
 
     @Test
@@ -130,7 +130,7 @@ public void acquireTokenWithAuthorizationCode_ADFSv4_NotFederated(){
                 false);
         labUserProvider.getUserPassword(labResponse.getUser());
 
-        assertAcquireTokenCommon(labResponse, AuthorityType.AAD);
+        assertAcquireTokenAAD(labResponse);
     }
 
     @Test
@@ -140,8 +140,8 @@ public void acquireTokenWithAuthorizationCode_ADFSv3_Federated(){
                 true,
                 false);
         labUserProvider.getUserPassword(labResponse.getUser());
+        assertAcquireTokenAAD(labResponse);
 
-        assertAcquireTokenCommon(labResponse, AuthorityType.AAD);
     }
 
     @Test
@@ -152,7 +152,7 @@ public void acquireTokenWithAuthorizationCode_ADFSv3_NotFederated(){
                 false);
         labUserProvider.getUserPassword(labResponse.getUser());
 
-        assertAcquireTokenCommon(labResponse, AuthorityType.AAD);
+        assertAcquireTokenAAD(labResponse);
     }
 
     @Test
@@ -163,7 +163,7 @@ public void acquireTokenWithAuthorizationCode_ADFSv2_Federated(){
                 false);
         labUserProvider.getUserPassword(labResponse.getUser());
 
-        assertAcquireTokenCommon(labResponse, AuthorityType.AAD);
+        assertAcquireTokenAAD(labResponse);
     }
 
     @Test
@@ -174,7 +174,7 @@ public void acquireTokenWithAuthorizationCode_ADFSv2_NotFederated(){
                 false);
         labUserProvider.getUserPassword(labResponse.getUser());
 
-        assertAcquireTokenCommon(labResponse, AuthorityType.AAD);
+        assertAcquireTokenAAD(labResponse);
     }
 
     @Test
@@ -187,7 +187,7 @@ public void acquireTokenWithAuthorizationCode_B2C_Local(){
         String b2CAppId = "b876a048-55a5-4fc5-9403-f5d90cb1c852";
         labResponse.setAppId(b2CAppId);
 
-        assertAcquireTokenCommon(labResponse, AuthorityType.B2C);
+        assertAcquireTokenB2C(labResponse);
     }
 
     @Test
@@ -200,26 +200,39 @@ public void acquireTokenWithAuthorizationCode_B2C_Google(){
         String b2CAppId = "b876a048-55a5-4fc5-9403-f5d90cb1c852";
         labResponse.setAppId(b2CAppId);
 
-        assertAcquireTokenCommon(labResponse, AuthorityType.B2C);
+        assertAcquireTokenB2C(labResponse);
     }
 
-    @Test
-    public void acquireTokenWithAuthorizationCode_B2C_Facebook(){
-        LabResponse labResponse = labUserProvider.getB2cUser(
-                B2CIdentityProvider.FACEBOOK,
-                false);
-        labUserProvider.getUserPassword(labResponse.getUser());
+    // TODO uncomment when lab fixes facebook test account
+//    @Test
+//    public void acquireTokenWithAuthorizationCode_B2C_Facebook(){
+//        LabResponse labResponse = labUserProvider.getB2cUser(
+//                B2CIdentityProvider.FACEBOOK,
+//                false);
+//        labUserProvider.getUserPassword(labResponse.getUser());
+//
+//        String b2CAppId = "b876a048-55a5-4fc5-9403-f5d90cb1c852";
+//        labResponse.setAppId(b2CAppId);
+//
+//        assertAcquireTokenB2C(labResponse);
+//    }
 
-        String b2CAppId = "b876a048-55a5-4fc5-9403-f5d90cb1c852";
-        labResponse.setAppId(b2CAppId);
 
-        assertAcquireTokenCommon(labResponse, AuthorityType.B2C);
-    }
+    private void assertAcquireTokenAAD(LabResponse labResponse){
+        String authCode = acquireAuthorizationCodeAutomated(labResponse, AuthorityType.AAD);
+        AuthenticationResult result = acquireTokenInteractiveAAD(labResponse, authCode);
 
+        Assert.assertNotNull(result);
+        Assert.assertNotNull(result.accessToken());
+        Assert.assertNotNull(result.refreshToken());
+        Assert.assertNotNull(result.idToken());
+        // TODO AuthenticationResult should have an getAccountInfo API
+        // Assert.assertEquals(labResponse.getUser().getUpn(), result.getAccountInfo().getUsername());
+    }
 
-    private void assertAcquireTokenCommon(LabResponse labResponse, AuthorityType authorityType){
-        String authCode = acquireAuthorizationCodeAutomated(labResponse, authorityType);
-        AuthenticationResult result = acquireTokenInteractive(labResponse, authorityType, authCode);
+    private void assertAcquireTokenB2C(LabResponse labResponse){
+        String authCode = acquireAuthorizationCodeAutomated(labResponse, AuthorityType.B2C);
+        AuthenticationResult result = acquireTokenInteractiveB2C(labResponse, authCode);
 
         Assert.assertNotNull(result);
         Assert.assertNotNull(result.accessToken());
@@ -229,14 +242,16 @@ private void assertAcquireTokenCommon(LabResponse labResponse, AuthorityType aut
         // Assert.assertEquals(labResponse.getUser().getUpn(), result.getAccountInfo().getUsername());
     }
 
-    private AuthenticationResult acquireTokenInteractive(
+    private AuthenticationResult acquireTokenInteractiveAAD(
             LabResponse labResponse,
-            AuthorityType authorityType,
             String authCode){
 
         AuthenticationResult result;
         try {
-            PublicClientApplication pca = createPublicClientApplication(labResponse, authorityType);
+            PublicClientApplication pca = PublicClientApplication.builder(
+                    labResponse.getAppId()).
+                    authority(TestConstants.AUTHORITY_ORGANIZATIONS).
+                    build();
 
             result = pca.acquireToken(AuthorizationCodeParameters
                     .builder(authCode,
@@ -252,22 +267,31 @@ private AuthenticationResult acquireTokenInteractive(
         return result;
     }
 
-    private PublicClientApplication createPublicClientApplication(
-            LabResponse labResponse,
-            AuthorityType authorityType) throws MalformedURLException {
-        if(authorityType == AuthorityType.AAD){
-            return new PublicClientApplication.Builder(
-                    labResponse.getAppId()).
-                    authority(TestConstants.AUTHORITY_ORGANIZATIONS).
-                    build();
-        } else {
-            return new PublicClientApplication.Builder(
-                    labResponse.getAppId()).
-                    b2cAuthority(TestConstants.B2C_AUTHORITY_SIGN_IN).
-                    build();
+    private AuthenticationResult acquireTokenInteractiveB2C(LabResponse labResponse,
+                                                            String authCode) {
+        AuthenticationResult result;
+        try{
+            IClientCredential credential = ClientCredentialFactory.create("=]Y)_A7LX`]6\"]_PoD!)Lo24");
+            ConfidentialClientApplication cca = ConfidentialClientApplication.builder(
+                    labResponse.getAppId(),
+                    credential)
+                    .b2cAuthority(TestConstants.B2C_AUTHORITY_SIGN_IN)
+                    .build();
+
+            result = cca.acquireToken(AuthorizationCodeParameters.builder(
+                    authCode,
+                    new URI(TestConstants.LOCALHOST + tcpListener.getPort()))
+                    .scopes(Collections.singleton(TestConstants.B2C_LAB_SCOPE))
+                    .build())
+                    .get();
+        } catch (Exception e){
+            LOG.error("Error acquiring token with authCode: " + e.getMessage());
+            throw new RuntimeException("Error acquiring token with authCode: " + e.getMessage());
         }
+        return result;
     }
 
+
     private String acquireAuthorizationCodeAutomated(
             LabResponse labUserData,
             AuthorityType authorityType){
@@ -364,18 +388,21 @@ private String buildAuthenticationCodeURL(String appId, AuthorityType authorityT
         int portNumber = tcpListener.getPort();
 
         String authority;
+        String scope;
         if(authorityType == AuthorityType.AAD){
             authority = TestConstants.AUTHORITY_ORGANIZATIONS;
+            scope = TestConstants.GRAPH_DEFAULT_SCOPE;
         } else {
             authority = TestConstants.B2C_AUTHORITY_URL;
+            scope = TestConstants.B2C_LAB_SCOPE;
         }
 
         redirectUrl = authority + "oauth2/v2.0/authorize?" +
                 "response_type=code" +
                 "&response_mode=query" +
                 "&client_id=" + appId +
                 "&redirect_uri=" + URLEncoder.encode(TestConstants.LOCALHOST + portNumber, "UTF-8") +
-                "&scope=" + URLEncoder.encode("openid offline_access profile " + TestConstants.GRAPH_DEFAULT_SCOPE, "UTF-8");
+                "&scope=" + URLEncoder.encode("openid offline_access profile " + scope, "UTF-8");
 
         if(authorityType == AuthorityType.B2C){
             redirectUrl = redirectUrl + "&p=" + TestConstants.B2C_SIGN_IN_POLICY;
diff --git a/src/integrationtest/java/com.microsoft.aad.msal4j/TestConstants.java b/src/integrationtest/java/com.microsoft.aad.msal4j/TestConstants.java
@@ -26,6 +26,7 @@
 public class TestConstants {
     public final static String KEYVAULT_DEFAULT_SCOPE = "https://vault.azure.net/.default";
     public final static String GRAPH_DEFAULT_SCOPE = "https://graph.windows.net/.default";
+    public final static String B2C_LAB_SCOPE = "https://msidlabb2c.onmicrosoft.com/msaapp/user_impersonation";
 
     public final static String AUTHORITY_ORGANIZATIONS = "https://login.microsoftonline.com/organizations/";
     public final static String AUTHORITY_MICROSOFT = "https://login.microsoftonline.com/microsoft.onmicrosoft.com";
diff --git a/src/main/java/com/microsoft/aad/msal4j/Account.java b/src/main/java/com/microsoft/aad/msal4j/Account.java
@@ -78,12 +78,14 @@ String getKey() {
         return String.join(Constants.CACHE_KEY_SEPARATOR, keyParts).toLowerCase();
     }
 
-    static Account create(String clientInfoStr, String environment, IdToken idToken) {
+    static Account create(String clientInfoStr, String environment, IdToken idToken, String policy) {
 
         Account account = new Account();
         account.authorityType(MSSTS_ACCOUNT_TYPE);
         account.clientInfoStr = clientInfoStr;
-        account.homeAccountId(account.clientInfo().toAccountIdentifier());
+        account.homeAccountId(policy != null ?
+                account.clientInfo().toAccountIdentifier() + Constants.CACHE_KEY_SEPARATOR + policy :
+                account.clientInfo().toAccountIdentifier());
         account.environment(environment);
 
         if (idToken != null) {
@@ -97,4 +99,8 @@ static Account create(String clientInfoStr, String environment, IdToken idToken)
 
         return account;
     }
+
+    static Account create(String clientInfoStr, String environment, IdToken idToken){
+        return create(clientInfoStr, environment, idToken, null);
+    }
 }
diff --git a/src/main/java/com/microsoft/aad/msal4j/B2CAuthority.java b/src/main/java/com/microsoft/aad/msal4j/B2CAuthority.java
@@ -11,6 +11,7 @@
 class B2CAuthority extends Authority{
 
     final String B2CTokenEndpointFormat = "https://%s/{tenant}" + TOKEN_ENDPOINT + "?p={policy}";
+    String policy;
 
     B2CAuthority(final URL authorityUrl){
         super(authorityUrl);
@@ -26,7 +27,7 @@ private void setAuthorityProperties() {
                     "B2C 'authority' Uri should have at least 3 segments in the path " +
                             "(i.e. https://<host>/tfp/<tenant>/<policy>/...)");
         }
-        String policy = segments[2];
+        policy = segments[2];
 
         final String b2cAuthorityFormat = "https://%s/%s/%s/%s/";
         this.authority = String.format(
diff --git a/src/main/java/com/microsoft/aad/msal4j/ClientApplicationBase.java b/src/main/java/com/microsoft/aad/msal4j/ClientApplicationBase.java
@@ -304,7 +304,7 @@ abstract static class Builder<T extends Builder<T>> {
 
         // Optional parameters - initialized to default values
         private String authority = DEFAULT_AUTHORITY;
-        private Authority authenticationAuthority;
+        private Authority authenticationAuthority = createDefaultAADAuthority();
         private boolean validateAuthority = true;
         private String correlationId = UUID.randomUUID().toString();
         private boolean logPii = false;
@@ -445,6 +445,16 @@ public T setTokenCacheAccessAspect(ITokenCacheAccessAspect val) {
             return self();
         }
 
+        private static Authority createDefaultAADAuthority() {
+            Authority authority;
+            try {
+                authority = new AADAuthority(new URL(DEFAULT_AUTHORITY));
+            } catch(Exception e){
+                throw new AuthenticationException(e);
+            }
+            return authority;
+        }
+
         abstract ClientApplicationBase build();
     }
 
diff --git a/src/main/java/com/microsoft/aad/msal4j/TokenRequest.java b/src/main/java/com/microsoft/aad/msal4j/TokenRequest.java
@@ -106,7 +106,23 @@ AuthenticationResult executeOauthRequestAndProcessResponse()
                     IdToken idToken = JsonHelper.convertJsonToObject(idTokenJson, IdToken.class);
 
                     if (!StringHelper.isBlank(response.getClientInfo())) {
-                        account = Account.create(response.getClientInfo(), url.getHost(), idToken);
+
+                        AuthorityType type = msalRequest.application().authenticationAuthority.authorityType;
+                        if(type == AuthorityType.B2C){
+
+                            B2CAuthority authority = (B2CAuthority) msalRequest.application().authenticationAuthority;
+
+                            account = Account.create(
+                                    response.getClientInfo(),
+                                    url.getHost(),
+                                    idToken,
+                                    authority.policy);
+                        } else {
+                            account = Account.create(
+                                    response.getClientInfo(),
+                                    url.getHost(),
+                                    idToken);
+                        }
                     }
                 }
                 long currTimestampSec = new Date().getTime() / 1000;
diff --git a/src/samples/public-client/B2CFlow.java b/src/samples/public-client/B2CFlow.java
@@ -1,4 +1,41 @@
-package PACKAGE_NAME;
+
+import com.microsoft.aad.msal4j.AuthenticationResult;
+import com.microsoft.aad.msal4j.PublicClientApplication;
+import com.microsoft.aad.msal4j.UserNamePasswordParameters;
+
+
+import java.util.Collections;
+import java.util.concurrent.CompletableFuture;
 
 public class B2CFlow {
-}
+
+    public static void main(String args[]) throws Exception {
+        getAccessTokenFromUserCredentials();
+    }
+
+    private static void getAccessTokenFromUserCredentials() throws Exception {
+
+        PublicClientApplication app = PublicClientApplication.builder(TestData.PUBLIC_CLIENT_ID)
+                .b2cAuthority(TestData.B2C_AUTHORITY)
+                .build();
+
+        CompletableFuture<AuthenticationResult> future = app.acquireToken(
+                UserNamePasswordParameters.builder(
+                        Collections.singleton(TestData.LAB_DEFAULT_B2C_SCOPE),
+                        TestData.USER_NAME,
+                        TestData.USER_PASSWORD.toCharArray()).build());
+
+        future.handle((res, ex) -> {
+            if(ex != null) {
+                System.out.println("Oops! We have an exception - " + ex.getMessage());
+                return "Unknown!";
+            }
+            System.out.println("Returned ok - " + res);
+
+            System.out.println("Access Token - " + res.accessToken());
+            System.out.println("Refresh Token - " + res.refreshToken());
+            System.out.println("ID Token - " + res.idToken());
+            return res;
+        }).join();
+    }
+}
diff --git a/src/samples/public-client/TestData.java b/src/samples/public-client/TestData.java
diff --git a/src/test/java/com/microsoft/aad/msal4j/AuthorityTest.java b/src/test/java/com/microsoft/aad/msal4j/AuthorityTest.java
diff --git a/src/test/java/com/microsoft/aad/msal4j/TestConfiguration.java b/src/test/java/com/microsoft/aad/msal4j/TestConfiguration.java
